middle added

services/web/project/__init__.py

@@ -1,6 +1,9 @@
 import os
 import psycopg2
 from dotenv import load_dotenv
+from functools import wraps
+import datetime
+import jwt
 
 from flask import (
     Flask,
@@ -16,7 +19,22 @@ load_dotenv()
 app = Flask(__name__)
 app.config.from_object("project.config.Config")
 db = SQLAlchemy(app)
+app.config['SECRET_KEY'] ='thisisourwondefulkey'
 
+def token_required(f):
+    @wraps(f)
+    def decorated(*args, **kwargs):
+        token = request.args.get('token')
+
+        if not token:
+            return jsonify({'message': 'Error - missing token'}), 403
+        try:
+            data =  jwt.decode(token, app.config['SECRET_KEY'])
+        except:
+            return jsonify({'message': 'Token is invalid'}),403
+
+        return f(*args, **kwargs)
+    return decorated
 
 class User(db.Model):
     __tablename__ = "users"
@@ -42,27 +60,66 @@ def hello_world():
     return {"account": account}
 
 
-@app.route("/auth/login")
+@app.route("/panel/auth/login", methods=["POST"])
-def statrt_login():
+def start_login():
+    try:
+        data = request.json
+        if not data:
+            return {
+                "message": "Please provide user details",
+                "data": None,
+                "error": "Bad request"
+            }, 400
 
-    return jsonify(hello="ameye world")
+        GLOBAL_AVG = """SELECT * FROM members WHERE id  = 1;"""
+        with connection:
+                with connection.cursor() as cursor:
+                    cursor.execute(GLOBAL_AVG)
+                    account = cursor.fetchone()
+        #return jsonify(hello="ameye world")
+        token =  jwt.encode({'user': 'account', 'exp' : datetime.datetime.utcnow() + datetime.timedelta(minutes=30)},app.config['SECRET_KEY'] )
+       # return {"account": account}
+        return {"token": token}
 
-@app.route("/auth/register")
+    except Exception as e:
+        return {
+                "message": "Something went wrong!",
+                "error": str(e),
+                "data": None
+        }, 500
+
+
+
+@app.route("/panel/auth/register")
 def start_register():
     return jsonify(hello="ameye world")
 
-@app.route("/auth/resetpass")
+@app.route("/panel/auth/resetpass")
 def start_resetpass():
     return jsonify(hello="ameye world")
 
-@app.route("/account")
+
+
+@app.route("/panel/account")
+@token_required
 def account():
     return jsonify(hello="ameye world")
 
-@app.route("/account/dash")
+@app.route("/panel/account/dash")
+@token_required
 def dashboard():
     return jsonify(hello="ameye world")
 
+@app.route("/panel/account/products")
+@token_required
+def panel_products():
+    return jsonify(hello="ameye world")
+
+@app.route("/panel/account/actions")
+@token_required
+def recent_actions():
+    return jsonify(hello="ameye world")
+
 
 @app.route("/static/<path:filename>")
 def staticfiles(filename):

services/web/project/static/models.py

@@ -0,0 +1,100 @@
+"""Application Models"""
+import bson, os
+from dotenv import load_dotenv
+from werkzeug.security import generate_password_hash, check_password_hash
+import psycopg2
+
+load_dotenv()
+
+# DATABASE_URL=os.environ.get('DATABASE_URL') or 'mongodb://localhost:27017/myDatabase'
+# print(DATABASE_URL)
+# client = MongoClient(DATABASE_URL)
+# db = client.myDatabase
+
+dataUrl =  os.getenv("DATABASE_URL")
+db = psycopg2.connect(dataUrl)
+
+
+class User:
+    """User Model"""
+    def __init__(self):
+        return
+
+    def create(self, name="", email="", password=""):
+        """Create a new user"""
+        user = self.get_by_email(email)
+        if user:
+            return
+        new_user = db.users.insert_one(
+            {
+                "name": name,
+                "email": email,
+                "password": self.encrypt_password(password),
+                "active": True
+            }
+        )
+        return self.get_by_id(new_user.inserted_id)
+
+    def get_all(self):
+        """Get all users"""
+        users = db.users.find({"active": True})
+        return [{**user, "_id": str(user["_id"])} for user in users]
+
+    def get_by_id(self, user_id):
+        """Get a user by id"""
+        user = db.users.find_one({"_id": bson.ObjectId(user_id), "active": True})
+        if not user:
+            return
+        user["_id"] = str(user["_id"])
+        user.pop("password")
+        return user
+
+    def get_by_email(self, email):
+        """Get a user by email"""
+        user = db.users.find_one({"email": email, "active": True})
+        if not user:
+            return
+        user["_id"] = str(user["_id"])
+        return user
+
+    def update(self, user_id, name=""):
+        """Update a user"""
+        data = {}
+        if name:
+            data["name"] = name
+        user = db.users.update_one(
+            {"_id": bson.ObjectId(user_id)},
+            {
+                "$set": data
+            }
+        )
+        user = self.get_by_id(user_id)
+        return user
+
+    def delete(self, user_id):
+        """Delete a user"""
+        Books().delete_by_user_id(user_id)
+        user = db.users.delete_one({"_id": bson.ObjectId(user_id)})
+        user = self.get_by_id(user_id)
+        return user
+
+    def disable_account(self, user_id):
+        """Disable a user account"""
+        user = db.users.update_one(
+            {"_id": bson.ObjectId(user_id)},
+            {"$set": {"active": False}}
+        )
+        user = self.get_by_id(user_id)
+        return user
+
+    def encrypt_password(self, password):
+        """Encrypt password"""
+        return generate_password_hash(password)
+
+    def login(self, email, password):
+        """Login a user"""
+        user = self.get_by_email(email)
+        if not user or not check_password_hash(user["password"], password):
+            return
+        user.pop("password")
+        return user

services/web/requirements.txt

@@ -4,4 +4,5 @@ gunicorn==20.1.0
 psycopg2-binary==2.9.6
 flask-smorest==0.42.3
 python-dotenv
-python-jwt
+pyjwt
+pillow